On Wed, 2021-11-24 at 14:03 +0000, Yao, Jiewen wrote: > James > I am sorry that it is hard for me to understand your point. > > To be honest, I am not sure what is objective on the discussion. > Are you question the general threat model analysis on UEFI PI > architecture?
The object is for me to understand why you think eliminating PEI improves security because I think it moves it in the opposite direction. > Or are you trying to persuade me we should include PEI in TDVF, > because you think it is safer to add code in PEI ? > Or something else? > > Please enlighten me that. Somewhere a decision was taken to remove PEI from the OVMF that is used to bring up TDX on the grounds of "improving security". I'm struggling to understand the rationale for this. James -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#84040): https://edk2.groups.io/g/devel/message/84040 Mute This Topic: https://groups.io/mt/86739864/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
